Moscow State-Backed Hackers Hit Meat Firm Almost Certain, US Says
The attack that paralysed firm in the USA and Australia follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States.
Brazil’s JBS SA told the U.S. government that a ransomware attack on the company that has disrupted meat production in North America and Australia originated from a criminal organization likely based in Russia, the White House said on Tuesday.
JBS is the world’s largest meatpacker and the cyberattack caused its Australian operations to shut down on Monday and has stopped livestock slaughter at its plants in several U.S. states.
The attack follows one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, that crippled fuel delivery for several days in the U.S. Southeast.
White House spokeswoman Ms. Karine Jean-Pierre said the United States has contacted Russia’s government about the matter and that the FBI is investigating.
The White House has offered assistance to JBS and our team at the Department of Agriculture have spoken to their leadership several times in the last day, Ms Jean-Pierre said.
JBS notified the administration that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals, Ms. Jean-Pierre added.
Specialists on Russian issues emphasised that unlike in the West the Internet in Russia is not free. Moscow, like Beijing, has been controlling its Internet traffic.
A special Kremlin institution, Roskomandnadzor, monitors in real-time connections of millions of Russian users. It is also highly probable that Kremlin secretly introduced the Chinese wall, the detailed surveillance system on the network. But it has not revealed that fact yet, told the specialist who advises one of the European governments on Russia. No hackers located in Russia are anonymous for Kremlin, added the specialist, who agreed to talk to The Owner under the condition of anonymity.
JBS sells beef and pork under the Swift brand, with retailers like Costco Wholesale Corp carrying its pork loins and tenderloins. JBS also owns most of chicken processor Pilgrim’s Pride Co, which sells organic chicken under the Just Bare brand.
If the outages continue, American consumers could see higher meat prices during summer grilling season and meat exports could be disrupted at a time of strong demand from China.
The disruption has already had an impact, industry analysts said. U.S. meatpackers slaughtered 94,000 cattle on Tuesday, down 22 per cent from a week earlier and 18 per cent from a year earlier, according to estimates from the U.S. Department of Agriculture. Pork processors slaughtered 390,000 hogs, down 20 per cent from a week ago and 7 per cent from a year ago.
Prices for choice cuts of U.S. beef shipped to wholesale buyers in large boxes jumped $3.59 to $334.56 per hundred pounds, the USDA said. Prices for select cuts climbed $5.55 to $306.45 per hundred pounds.
The USDA, Department of Homeland Security and other agencies are closely monitoring the meat and poultry supply, a White House official said.
Blocked Systems Suspended
JBS said it suspended all affected systems and notified authorities. It said its backup servers were not affected. A company representative in Sao Paulo said there was no impact on Brazilian operations.
The company said Sunday’s cyberattack affected its North American and Australian IT systems and “resolution of the incident will take time, which may delay certain transactions with customers and suppliers.”
JBS, with North American operations headquartered in Greeley, Colorado, controls about 20% of the slaughtering capacity for U.S. cattle and hogs, according to industry estimates.
The supply chains, logistics, and transportation that keep our society moving are especially vulnerable to ransomware, where attacks on choke points can have outsized effects and encourage hasty payments, said threat researcher Mr. John Hultquist with security company FireEye.